Fake WinRAR proof-of-concept exploit drops VenomRAT malware

[[correlate]]

Content source

https://www.bleepingcomputer.com/news/security/fake-winrar-proof-of-concept-exploit-drops-venomrat-malware/

A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware.
The fake PoC exploit was spotted by Palo Alto Networks' Unit 42 team of researchers, who reported that the attacker uploaded the malicious code to GitHub on August 21, 2023.
The attack is no longer active, but it once again highlights the risks of sourcing PoCs from GitHub and running them without additional scrutiny to ensure they're safe.

Fake WinRAR proof-of-concept exploit drops VenomRAT malware

A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware.

www.bleepingcomputer.com

 

[SumTingWong]

People are still using WinRAR? I drop WinRAR for 7-Zip.